Bug#295488: marked as done ([sparc64] [atyfb] No display after boot; monitor is suspended)
Your message dated Fri, 11 Mar 2005 01:17:36 -0500
with message-id <E1D9dSq-0004g1-00@newraff.debian.org>
and subject line Bug#295488: fixed in kernel-source-2.6.10 2.6.10-6
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 16 Feb 2005 03:50:17 +0000
>From aragorn@tiscali.nl Tue Feb 15 19:50:16 2005
Return-path: <aragorn@tiscali.nl>
Received: from smtp-b2c.tiscali.nl (ha-smtp2.tiscali.nl) [195.241.80.19]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D1GCe-0003yn-00; Tue, 15 Feb 2005 19:50:16 -0800
Received: from strider.fjphome.nl (195-240-184-66-mx.xdsl.tiscali.nl [195.240.184.66])
by ha-smtp2.tiscali.nl (Postfix) with ESMTP id 9BFE750D072
for <submit@bugs.debian.org>; Wed, 16 Feb 2005 04:49:45 +0100 (CET)
From: Frans Pop <aragorn@tiscali.nl>
To: submit@bugs.debian.org
Subject: [sparc64] [atyfb] No display after boot; monitor is suspended
Date: Wed, 16 Feb 2005 04:49:58 +0100
User-Agent: KMail/1.7.1
MIME-Version: 1.0
Content-Type: Multipart/Mixed;
boundary="Boundary-00=_mLsECAuweWUkDN9"
Message-Id: <200502160449.58697.aragorn@tiscali.nl>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
--Boundary-00=_mLsECAuweWUkDN9
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Package: kernel-source-2.6.10
Severity: serious
Justification: Serious regression from 2.6.8
Tags: patch
As a result of the discussion on switching to 2.6.10 for Sarge, I have
tested 2.6.10 on my Sparc Ultra 10.
Result was that I discovered a serious regression for the atyfb (Mach64)
framebuffer driver since upstream 2.6.10-rc2. I've managed to trace the
problem and solve it with the help from upstream.
Please apply the attached patch that was prepared by David S. Miller
<davem@davemloft.net> and will also be pushed in the upstream kernel.
For the complete history of this patch, see [1].
[1] http://lists.debian.org/debian-sparc/2005/02/msg00043.html
Cheers,
FJP
--Boundary-00=_mLsECAuweWUkDN9
Content-Type: text/x-diff;
charset="us-ascii";
name="sparc_atyfb.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="sparc_atyfb.patch"
===== drivers/video/aty/atyfb_base.c 1.82 vs edited =====
--- 1.82/drivers/video/aty/atyfb_base.c 2005-01-04 18:48:32 -08:00
+++ edited/drivers/video/aty/atyfb_base.c 2005-02-15 08:19:00 -08:00
@@ -2511,7 +2511,15 @@
}
} else
#endif /* !CONFIG_PPC */
- if (!fb_find_mode(&var, info, mode, NULL, 0, &defmode, 8))
+ if (
+#if defined(CONFIG_SPARC32) || defined(CONFIG_SPARC64)
+ /* On Sparc, unless the user gave a specific mode
+ * specification, use the PROM probed values in
+ * default_var.
+ */
+ !mode ||
+#endif
+ !fb_find_mode(&var, info, mode, NULL, 0, &defmode, 8))
var = default_var;
if (noaccel)
--Boundary-00=_mLsECAuweWUkDN9--
---------------------------------------
Received: (at 295488-close) by bugs.debian.org; 11 Mar 2005 06:23:08 +0000
>From katie@ftp-master.debian.org Thu Mar 10 22:23:08 2005
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D9dYC-00084j-00; Thu, 10 Mar 2005 22:23:08 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1D9dSq-0004g1-00; Fri, 11 Mar 2005 01:17:36 -0500
From: Andres Salomon <dilinger@voxel.net>
To: 295488-close@bugs.debian.org
X-Katie: $Revision: 1.55 $
Subject: Bug#295488: fixed in kernel-source-2.6.10 2.6.10-6
Message-Id: <E1D9dSq-0004g1-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Fri, 11 Mar 2005 01:17:36 -0500
Delivered-To: 295488-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Source: kernel-source-2.6.10
Source-Version: 2.6.10-6
We believe that the bug you reported is fixed in the latest version of
kernel-source-2.6.10, which is due to be installed in the Debian FTP archive:
kernel-doc-2.6.10_2.6.10-6_all.deb
to pool/main/k/kernel-source-2.6.10/kernel-doc-2.6.10_2.6.10-6_all.deb
kernel-patch-debian-2.6.10_2.6.10-6_all.deb
to pool/main/k/kernel-source-2.6.10/kernel-patch-debian-2.6.10_2.6.10-6_all.deb
kernel-source-2.6.10_2.6.10-6.diff.gz
to pool/main/k/kernel-source-2.6.10/kernel-source-2.6.10_2.6.10-6.diff.gz
kernel-source-2.6.10_2.6.10-6.dsc
to pool/main/k/kernel-source-2.6.10/kernel-source-2.6.10_2.6.10-6.dsc
kernel-source-2.6.10_2.6.10-6_all.deb
to pool/main/k/kernel-source-2.6.10/kernel-source-2.6.10_2.6.10-6_all.deb
kernel-tree-2.6.10_2.6.10-6_all.deb
to pool/main/k/kernel-source-2.6.10/kernel-tree-2.6.10_2.6.10-6_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 295488@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andres Salomon <dilinger@voxel.net> (supplier of updated kernel-source-2.6.10 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 10 Mar 2005 18:25:39 -0500
Source: kernel-source-2.6.10
Binary: kernel-doc-2.6.10 kernel-tree-2.6.10 kernel-patch-debian-2.6.10 kernel-source-2.6.10
Architecture: source all
Version: 2.6.10-6
Distribution: unstable
Urgency: low
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: Andres Salomon <dilinger@voxel.net>
Description:
kernel-doc-2.6.10 - Linux kernel specific documentation for version 2.6.10
kernel-patch-debian-2.6.10 - Debian patches to Linux 2.6.10
kernel-source-2.6.10 - Linux kernel source for version 2.6.10 with Debian patches
kernel-tree-2.6.10 - Linux kernel source tree for building Debian kernel images
Closes: 295488 295628
Changes:
kernel-source-2.6.10 (2.6.10-6) unstable; urgency=low
.
* Updated kernel-tree description from Martin F Krafft
(Simon Horman)
.
* Updated apply script so it can handle point versions
(Simon Horman)
.
* atyfb-sparc.dpatch: Fix post-2.6.10 atyfb breakage on SPARC32/64.
closes: #295488 (Joshua Kwan)
.
* skb-reset-ip_summed.dpatch: resolve checksumming exploit in
fragmented packet forwarding (Joshua Kwan)
.
* sparc64-nis-killer.dpatch: patch that fixes some compatibility functions
that (as a side effect) caused NIS to flatten a sparc64 machine.
closes: #295628 (Joshua Kwan)
.
* sparc32-hypersparc-srmmu.dpatch: unbreak hypersparc by reverting a
srmmu "fix", which should not have made it to 2.6.10 (Jurij Smakov)
.
* nls-table-overflow.dpatch: [CAN-2005-0177] NLS ASCII table should be 256
entries, not 128! (Joshua Kwan)
.
* setsid-race.dpatch, setsid-race-2.dpatch:
[CAN-2005-0178] fix setsid() race that could lead to a denial of service.
(Joshua Kwan, Simon Horman)
.
* ipv4-fragment-queues.dpatch, ipv4-fragment-queues-2.dpatch:
fix potential information leak by making fragment queues private.
(Joshua Kwan, Simon Horman)
.
* amd64-noexec32-backport.dpatch: enable executable stack and executable
heap for all 32bit programs on amd64, except if noexec32=on is specified.
(Frederik Schüler)
.
* outs.dpatch: [CAN-2005-0204]: AMD64, allows local users to write to
privileged IO ports via OUTS instruction. (Simon Horman)
.
* un-apply 083-x86_64_switch_mm_context_race.dpatch, it breaks amd64 SMP
systems. Thanks to Stephen Frost who helped fixing this.
(Frederik Schüler)
.
* sparc64-sb1500-clock-2.6.dpatch by David Miller: enable recognition
of the clock chip on SunBlade 1500, it won't boot otherwise.
(Jurij Smakov).
.
* 088-ibmvscsi_event_struct_use_after_free.dpatch
The ibmvscsi driver has paths that free evt_struct, and then proceed to
use it. That's clearly a no-no in SMP/threaded contexts; once an evt_struct
is free, something else may grab it. So, this patch:
- moves the free_event_struct() to after usage of the evt_struct
- creates a single path for cleanup
- calls evt_struct->done during cleanup, which is something that
should've been happening.
(Andres Salomon)
.
* 089-i386_acpi_backwards_ifdef.dpatch
[I386] An ACPI related printk is wrapped in an #ifdef that should be an
#ifndef. Correct that (Andres Salomon).
.
* 090-alsa_midi_emulation_chorus_reverb_swap.dpatch
[ALSA] seq_midi_emul.c had CHORUS_MODE and REVERB_MODE swapped in sysex().
This patch fixes that (Andres Salomon).
.
* 091-alsa_emu8000_load_fx_skip_header.patch
[ALSA] emu8000's load_fx() loads a userspace blob, and should be skipping
over the header (Andres Salomon).
.
* 092-net_sched_police_locate_sanity_check_input.dpatch
[NET] Some sanity checks are needed to ensure payloads are the same size
as the structures they're being copied into. AFAICT, there's no way for a
malicious user to inject a payload in here (it looks like police_locate
stuff is called during routing changes by root); however, I can't say that
I'm too familiar w/ tcf stuff (Andres Salomon).
.
* 093-e1000_eeprom_read_off_by_one.dpatch
The e1000 driver's read_eeprom and write_eeprom functions allowed a bit to
much data to be read/written; an extra word. Fix that (Andres Salomon).
.
* 094-scsi_device_set_state_missing_oldstate.dpatch
[SCSI] scsi_device_set_state() might be setting a device offline, w/ an
oldstate of BLOCK; that shouldn't be considered an error. Add the missing
state transition (Andres Salomon).
.
* 095-jffs2_build_filesystem_memory_leak.dpatch
[JFFS2] Fix memory leak in jffs2_build_filesystem(), if jffs2_scan_medium
fails (Andres Salomon).
.
* 096-mtd_formatblock_zero_before_assignment.dpatch
[MTD] Inside NFTL_formatblock and INFTL_formatblock, the code was previously
assigning values to instr, then zero'ing out the values. Instead, move the
assignment to after the memset (Andres Salomon).
.
* 097-mtd_s3c2410_nand_inithw_calc_rate_fix.dpatch
[MTD] s3c2410_nand_inithw() was pulling timing information from the wrong
place, making the timing incorrect. This patch makes it pull the info from
the right place (Andres Salomon).
.
* 098-jffs2_do_mount_fs_init_bad_count.dpatch
[JFFS2] Initialize each eraseblock's bad_count to 0 in jffs2_do_mount_fs().
Unitialized memory sure is fun, eh? (Andres Salomon)
.
* 099-jfs_commit_inode_commit_race.dpatch
[JFS] Fix race in jfs_commit_inode(); before actually doing the commit,
retest to ensure that the inode is both dirty and linked (Andres Salomon).
.
* 101-ppc64_hugetlb_mm_free_pgd_unlock.dpatch
[PPC64] In hugetlb_mm_free_pgd(), mm->page_table_lock is locked, but never
unlocked in the event of an error. This patch fixes that (Andres Salomon).
.
* 102-cosa_sppp_channel_init_delay_attach.dpatch
Fix buglet in cosa's sppp_channel_init(); do not call sppp_attach() until
the netdev contains info that sppp_attach needs (Andres Salomon).
.
* 104-wan_sdla_firmware_cap_sys_rawio_addition.dpatch
[SECURITY] The SDLA driver only checked CAP_NET_ADMIN when doing firmware
uploads. This patch adds an additional check for CAP_SYS_RAWIO, as well
(Andres Salomon).
.
* 107-xfs_finish_reclaim_always_inode.dpatch
[XFS] In xfs_finish_reclaim(), xfs_ireclaim() should always be called
(unless there's some sort of locking problem) before returning
(Andres Salomon).
.
* 108-xfs_attrmulti_by_handle_limit_mem_alloc.dpatch
[SECURITY] xfs_ioctl(XFS_IOC_ATTRMULTI_BY_HANDLE) calls
xfs_attrmulti_by_handle, which allocates memory based on user input. This
patch adds a check for a max size of memory to alloc; otherwise, a user
can potentially DoS the system by exhausting memory. Not sure whether root
is required to open the vnode device, but to be on the safe side...
(Andres Salomon)
.
* 109-binfmt_elf_loader_solar_designer_fixes.dpatch
[SECURITY] Fix from Solar Designer; the binfmt_elf load routines are
returning incorrect values, and are not strict enough in checking the
number of program headers (Andres Salomon).
.
* 110-load_module_arg_checking.dpatch
If the parsing of module args failed, the module could still be loaded
successfully. Fix that (Andres Salomon).
.
* 111-security_seclvl_kconfig_dep.dpatch
Add a Kconfig dependency on CRYPTO for SECURITY_SECLVL (Andres Salomon).
.
* 112-audit_receive_skb_double_negative_return_val.dpatch
audit_receive_skb negates the err it receives from audit_receive_msg. It
shouldn't do that (Andres Salomon).
.
* 114-netfilter_private_queues.dpatch
[NETFILTER] Amongst netfilter users, skb frag queues were shared. This
could cause problems. See
http://oss.sgi.com/archives/netdev/2005-01/threads.html#01036 for more
details (Andres Salomon).
.
* 115-proc_file_read_nbytes_signedness_fix.dpatch
[SECURITY] Heap overflow fix in /proc; WDYBTGT3-1 on
http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
No CAN# assigned yet, afaik (Andres Salomon).
.
* 116-n_tty_copy_from_read_buf_signedness_fixes.dpatch
[SECURITY] copy_from_read_buf() fix; WDYBTGT3-2 on
http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
No CAN#, yet (Andres Salomon).
.
* 117-reiserfs_file_64bit_size_t_fixes.dpatch
[SECURITY] reiserfs integer fixes; WDYBTGT3-4 on
http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
(Andres Salomon).
.
* 118-i2c_sis5595_setup_pci_config_return_checks.dpatch
[I2C] The i2c-sis5595 was forward ported from 2.4, but the calls to
read the pci config registers were never updated for 2.6. As such, they
are incorrectly handling the results of the function calls
(Andres Salomon).
.
* 119-i2c_viapro_i2cdump_overflow.dpatch
[SECURITY] Fix a very hard to exploit buffer overflow in the i2c-viapro
driver (Andres Salomon).
.
* 120-openpromfs_property_read_fix.dpatch
Fix an oopsable condition in Openpromfs's property_read() (Andres Salomon).
.
* 121-cpufreq_resume_readd.dpatch
[CPUFREQ] Somewhere around 2.6.6, a call to cpufreq_driver->resume() was
accidentally dropped. Readd it (Andres Salomon).
.
* 122-cpufreq_resume_readd_2.dpatch
[CPUFREQ] Fix a problem w/ 121-cpufreq_resume_readd.patch, where a return
value was not being checked correctly (Andres Salomon).
.
* 123-atm_get_addr_signedness_fix.dpatch
[SECURITY] Fix atm_get_addr()'s usage of its size arg, by making it
unsigned. WDYBTGT3-3 on
http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
(Andres Salomon).
.
* 125-netfilter_private_queues_2.dpatch
[SECURITY] Add missing bits needed to make 114-netfilter_private_queues.patch
compile. Patch stolen from ubuntu (mainly to keep the same ABI)
(Andres Salomon).
.
* 126-ftdi_sio_set_serial_info_baud_base_check.dpatch
[USB] Change ftdi_sio's set_serial_info() to do a correct check for baud_base;
it should be checking if baud_base<9600 if the baud_base has changed
(Andres Salomon).
.
* 129-video_cg3_screen_blanking.dpatch
[SPARC] Fix cg3 blanking; the driver was setting _ENABLE_VIDEO on POWERDOWN,
instead of unsetting it (Andres Salomon).
.
* 130-sparc_prom_nodematch_check_getproperty.dpatch
[SPARC] In prom_nodematch, check whether prom_getproperty() actually
succeeds before using the string it sets (Andres Salomon).
.
* 131-sparc_check_prom_getproperty.dpatch
[SPARC] Check return value from prom_getproperty() in various places where
it wasn't being checked (Andres Salomon).
.
* 132-sparc32_get_tv32_use_correct_variable.dpatch
[SPARC] get_tv32() uses a non-existent variable 'tv32'. Fix that
(Andres Salomon).
.
* 133-scsi_advansys_build_with_non_pci.dpatch
[SCSI] Allow advansys driver to compile if CONFIG_PCI isn't set
(Andres Salomon).
.
* 134-cciss_scsi_detect_put_host_on_error.dpatch
[SCSI] cciss_scsi_detect() calls scsi_add_host(), which bumps the refcount
(even in the event of an error). Thus, if scsi_add_host fails, the
scsi host refcount needs to be decremented; so, call scsi_host_put upon
error (Andres Salomon).
.
* 135-64bit_sys_shmget_compat_size_t_overflow.dpatch
64bit archs that offer 32bit compat wrappers for sys_shmget were mostly
passing the second arg as a 32bit signed int; what would happen then is,
it would be casted to a size_t (64bit unsigned), and the sign would cause
it to overflow. Instead, we need to cast to a 32bit unsigned value first,
and then cast to 64bit unsigned (Andres Salomon).
.
* 136-64bit_sys_compat_overflows.dpatch
More of the same as 135*.dpatch, except for stuff like sys_ipc, sys_semget,
sys_msgsnd, etc (Andres Salomon).
.
* 137-ppc64_prom_initialize_tce_table_typo.dpatch
[PPC64] prom_initialize_tce_table() refers to 'vbase', which doesn't
actually exist; instead, 'base' was what was meant (Andres Salomon).
.
* 138-tulip_de_init_one_irq_init.dpatch
The tulip driver's de_init_one() was using pdev->irq before it had been
initialized. Move its usage until after it has been initted
(Andres Salomon).
.
* 139-pci_dma_free_coherent.dpatch
[I386] dma_free_coherent() was calling kmalloc with its args reversed;
clearly incorrect (Andres Salomon).
.
* 140-s390_memset_arg_order_fixes.dpatch
[S390] Fix various drivers that call memset() with args in the wrong order
(Andres Salomon).
.
* 141-pci_devices_dont_disable_dev_if_busy.dpatch
For various pci devices, if pci_request_regions fails (because resources
are already in use), don't disable the pci device (someone else is using it)
(Andres Salomon).
.
* 142-r8169_dev_alloc_skb_alignment_fix.dpatch
The r8169 driver wasn't alloc'ing enough memory for skbs; the size should
be padded by NET_IP_ALIGN (Andres Salomon).
.
* 143-sysfs_write_file_signedness_problem.dpatch
[SYSFS] sysfs_write_file assigns the result of fill_write_buffer (which is
signed and returns negative upon error) to an unsigned int. Clearly, bad
and wrong.. (Andres Salomon)
.
* 144-sys_epoll_wait_int_overflow.dpatch
[SECURITY] sys_epoll_wait contains an integer overflow; see
http://seclists.org/lists/fulldisclosure/2005/Mar/0293.html for additional
details (Andres Salomon).
.
* ipv4-fragment-queues.dpatch, ipv4-fragment-queues-2.dpatch:
Drop netfilter frag queue stuff, as a) it's an ABI change,
b) it's fixed in 2.6.11, and c) it's not that critical. It's more
important to get other 2.6.10 fixes out to people (Andres Salomon).
Files:
5c04548740a4fb769b25e9c3b2d44237 997 devel optional kernel-source-2.6.10_2.6.10-6.dsc
1dea9fad378d1ab8b30a89bbbe26ecc5 340839 devel optional kernel-source-2.6.10_2.6.10-6.diff.gz
24b33f480a14a6304ecad6de5ea8a655 405330 devel optional kernel-patch-debian-2.6.10_2.6.10-6_all.deb
5eaa4b751e72298732cdb561040ef3fa 35853606 devel optional kernel-source-2.6.10_2.6.10-6_all.deb
dd7dfc7bcf372613d4f4074da879eeb9 36324 devel optional kernel-tree-2.6.10_2.6.10-6_all.deb
307bbad2e8f754c36742e5d5e7e0bb2a 6735044 doc optional kernel-doc-2.6.10_2.6.10-6_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCMTSn78o9R9NraMQRAjJeAJ9QPxnZxheNPfziSZ+tKEIpld3LmQCfTRfs
cHVjVExs/NcUG+72xqfLaNM=
=n1d0
-----END PGP SIGNATURE-----
Reply to: